<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Spring Security 安全框架完全指南</title>
    <!-- NOTE(review): every asset below comes from a third-party CDN and none carries integrity/crossorigin attributes, so the page runs or applies whatever those hosts serve at load time. -->
    <link href="https://cdn.staticfile.org/font-awesome/6.4.0/css/all.min.css" rel="stylesheet">
    <link href="https://cdn.staticfile.org/tailwindcss/2.2.19/tailwind.min.css" rel="stylesheet">
    <link href="https://fonts.googleapis.com/css2?family=Noto+Serif+SC:wght@400;500;600;700&family=Noto+Sans+SC:wght@300;400;500;700&display=swap" rel="stylesheet">
    <!-- NOTE(review): "mermaid@latest" is a floating tag, so the script executed on this page can change with any upstream release. Pin an exact version and add Subresource Integrity (integrity plus crossorigin), or self-host the file. -->
    <script src="https://cdn.jsdelivr.net/npm/mermaid@latest/dist/mermaid.min.js"></script>
    <style>
        body {
            font-family: 'Noto Sans SC', Tahoma, Arial, Roboto, "Droid Sans", "Helvetica Neue", "Droid Sans Fallback", "Heiti SC", "Hiragino Sans GB", Simsun, sans-serif;
            background: linear-gradient(135deg, #f5f7fa 0%, #c3cfe2 100%);
            min-height: 100vh;
        }
        
        .hero-gradient {
            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
        }
        
        .card-hover {
            transition: all 0.3s ease;
            border: 2px solid transparent;
        }
        
        .card-hover:hover {
            transform: translateY(-5px);
            box-shadow: 0 20px 40px rgba(0,0,0,0.1);
            border-color: #667eea;
        }
        
        .feature-icon {
            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
            -webkit-background-clip: text;
            -webkit-text-fill-color: transparent;
            background-clip: text;
        }
        
        pre {
            background: #1e1e1e;
            border-radius: 12px;
            padding: 1.5rem;
            overflow-x: auto;
            box-shadow: 0 10px 30px rgba(0,0,0,0.2);
        }
        
        code {
            color: #d4d4d4;
            font-family: 'Consolas', 'Monaco', monospace;
        }
        
        .section-title {
            position: relative;
            padding-left: 20px;
        }
        
        .section-title::before {
            content: '';
            position: absolute;
            left: 0;
            top: 50%;
            transform: translateY(-50%);
            width: 4px;
            height: 30px;
            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
            border-radius: 2px;
        }
        
        .mermaid {
            background: white;
            padding: 2rem;
            border-radius: 12px;
            box-shadow: 0 10px 30px rgba(0,0,0,0.1);
        }
        
        .drop-cap {
            float: left;
            font-size: 4rem;
            line-height: 1;
            font-weight: 700;
            margin-right: 0.5rem;
            margin-top: -0.2rem;
            color: #667eea;
            font-family: 'Noto Serif SC', serif;
        }
        
        @keyframes fadeInUp {
            from {
                opacity: 0;
                transform: translateY(30px);
            }
            to {
                opacity: 1;
                transform: translateY(0);
            }
        }
        
        .animate-fadeInUp {
            animation: fadeInUp 0.8s ease-out;
        }
    </style>
</head>
<body>
    <!-- Hero Section -->
    <div class="hero-gradient text-white py-20 px-6">
        <div class="max-w-6xl mx-auto text-center animate-fadeInUp">
            <h1 class="text-5xl md:text-6xl font-bold mb-6" style="font-family: 'Noto Serif SC', serif;">
                Spring Security
            </h1>
            <p class="text-xl md:text-2xl mb-8 opacity-90">
                企业级 Java 应用安全框架完全指南
            </p>
            <div class="flex justify-center space-x-8 text-sm md:text-base">
                <div class="flex items-center">
                    <i class="fas fa-shield-alt mr-2"></i>
                    <span>全方位安全防护</span>
                </div>
                <div class="flex items-center">
                    <i class="fas fa-lock mr-2"></i>
                    <span>身份认证与授权</span>
                </div>
                <div class="flex items-center">
                    <i class="fas fa-code mr-2"></i>
                    <span>Spring 生态集成</span>
                </div>
            </div>
        </div>
    </div>

    <!-- Main Content -->
    <div class="max-w-7xl mx-auto px-6 py-12">
        <!-- Introduction -->
        <div class="bg-white rounded-2xl shadow-xl p-8 mb-12 animate-fadeInUp">
            <p class="text-lg leading-relaxed text-gray-700">
                <span class="drop-cap">S</span>pring Security 是一个功能强大的安全框架，用于为 Java 应用程序提供全面的安全管理。它是 Spring 生态系统的一部分，集成了许多安全功能，可以有效地保护 Web 应用程序、微服务和企业应用程序。
            </p>
        </div>

        <!-- Architecture Diagram -->
        <div class="mb-12 animate-fadeInUp">
            <h2 class="text-3xl font-bold mb-6 text-center text-gray-800">Spring Security 架构概览</h2>
            <div class="mermaid">
                graph TB
                    A[客户端请求] --> B[Security Filter Chain]
                    B --> C{认证管理器}
                    C -->|成功| D[授权管理器]
                    C -->|失败| E[认证失败处理]
                    D -->|允许| F[访问资源]
                    D -->|拒绝| G[访问拒绝处理]
                    
                    H[会话管理] --> B
                    I[CSRF保护] --> B
                    J[XSS防护] --> B
                    
                    style A fill:#f9f,stroke:#333,stroke-width:2px
                    style F fill:#9f9,stroke:#333,stroke-width:2px
                    style E fill:#f99,stroke:#333,stroke-width:2px
                    style G fill:#f99,stroke:#333,stroke-width:2px
            </div>
        </div>

        <!-- Features Grid -->
        <div class="grid grid-cols-1 md:grid-cols-2 gap-8 mb-12">
            <!-- Authentication -->
            <div class="bg-white rounded-2xl shadow-lg p-8 card-hover animate-fadeInUp">
                <div class="flex items-center mb-6">
                    <i class="fas fa-user-shield text-4xl feature-icon mr-4"></i>
                    <h3 class="text-2xl font-bold section-title">身份认证（Authentication）</h3>
                </div>
                
                <p class="text-gray-700 mb-4">
                    <strong>用途：</strong>确保用户身份的真实性。身份认证是验证用户身份的过程，即确保用户是他们声称的那个人。
                </p>
                
                <div class="space-y-3 mb-6">
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>表单登录：</strong>使用登录表单进行用户认证
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>基本认证：</strong>使用 HTTP Basic Authentication
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>OAuth2 / OpenID Connect：</strong>集成第三方认证服务
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>LDAP认证：</strong>集成 LDAP 服务进行用户认证
                        </div>
                    </div>
                </div>
                
                <pre><code>@Configuration
@EnableWebSecurity
// NOTE: WebSecurityConfigurerAdapter is deprecated since Spring Security 5.7 and removed in 6.0;
// newer versions declare the equivalent configuration as beans instead of extending this class.
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // Registers one in-memory account ("user", role USER) for demonstration purposes.
    //
    // The "{noop}" prefix selects NoOpPasswordEncoder: the password is stored and compared in
    // plain text. That is acceptable only for a local demo. Real credentials belong in an
    // external user store, saved as an adaptive one-way hash (for example a "{bcrypt}"-prefixed
    // encoded value), and are never hard-coded in source.
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            .withUser("user").password("{noop}password").roles("USER");
    }
}</code></pre>
            </div>

            <!-- Authorization -->
            <div class="bg-white rounded-2xl shadow-lg p-8 card-hover animate-fadeInUp" style="animation-delay: 0.1s;">
                <div class="flex items-center mb-6">
                    <i class="fas fa-key text-4xl feature-icon mr-4"></i>
                    <h3 class="text-2xl font-bold section-title">授权（Authorization）</h3>
                </div>
                
                <p class="text-gray-700 mb-4">
                    <strong>用途：</strong>确保用户有权访问某些资源或执行某些操作。授权是确定用户是否有权限执行特定操作的过程。
                </p>
                
                <div class="space-y-3 mb-6">
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>基于角色的访问控制（RBAC）：</strong>根据用户角色控制访问权限
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>基于权限的访问控制：</strong>根据用户权限控制访问
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>方法级安全：</strong>使用注解在方法级别定义权限要求
                        </div>
                    </div>
                </div>
                
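                <pre><code>@Configuration
@EnableWebSecurity
// NOTE: WebSecurityConfigurerAdapter is deprecated since Spring Security 5.7 and removed in 6.0.
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // URL-based authorization. Rules are evaluated in declaration order and the first match wins,
    // so specific patterns go first and the catch-all goes last.
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                // hasRole("ADMIN") checks for the authority "ROLE_ADMIN"; the ROLE_ prefix is added automatically.
                .antMatchers("/admin/**").hasRole("ADMIN")
                .antMatchers("/user/**").hasRole("USER")
                // Catch-all: with authorizeRequests(), a request that matches no rule is not restricted,
                // so every remaining URL is required to be authenticated at minimum.
                .anyRequest().authenticated()
                .and()
            // Form login is the authentication mechanism for the rules above.
            .formLogin();
    }
}</code></pre>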
            </div>

            <!-- Session Management -->
            <div class="bg-white rounded-2xl shadow-lg p-8 card-hover animate-fadeInUp" style="animation-delay: 0.2s;">
                <div class="flex items-center mb-6">
                    <i class="fas fa-clock text-4xl feature-icon mr-4"></i>
                    <h3 class="text-2xl font-bold section-title">会话管理（Session Management）</h3>
                </div>
                
                <p class="text-gray-700 mb-4">
                    <strong>用途：</strong>管理用户会话，以防止会话固定攻击、会话劫持等安全问题。
                </p>
                
                <div class="space-y-3 mb-6">
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>会话固定攻击防护：</strong>确保会话 ID 在登录时被重新生成
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>会话超时：</strong>配置会话超时策略
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>并发会话控制：</strong>限制每个用户的并发会话数
                        </div>
                    </div>
                </div>
                
                <pre><code>@Configuration
@EnableWebSecurity
// NOTE: WebSecurityConfigurerAdapter is deprecated since Spring Security 5.7 and removed in 6.0.
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // Session hardening only: this fragment declares no authorization rules and no login mechanism.
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .sessionManagement()
                // newSession(): on authentication a fresh session is created without copying the
                // existing session's application data, which defeats session fixation.
                .sessionFixation().newSession()
                // At most one concurrent session per user.
                .maximumSessions(1)
                // true: a second login is rejected instead of expiring the older session.
                // Register HttpSessionEventPublisher so ended sessions are released from the registry;
                // without it a user whose session expired without logout can stay locked out.
                .maxSessionsPreventsLogin(true);
    }
}</code></pre>
            </div>

            <!-- Password Management -->
            <div class="bg-white rounded-2xl shadow-lg p-8 card-hover animate-fadeInUp" style="animation-delay: 0.3s;">
                <div class="flex items-center mb-6">
                    <i class="fas fa-lock text-4xl feature-icon mr-4"></i>
                    <h3 class="text-2xl font-bold section-title">密码管理</h3>
                </div>
                
                <p class="text-gray-700 mb-4">
                    <strong>用途：</strong>确保用户密码的安全存储和处理。
                </p>
                
                <div class="space-y-3 mb-6">
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-600 mt-1 mr-3"></i>
                        <div>
                            <strong>密码加密：</strong>使用强哈希算法（如 BCrypt、PBKDF2）对密码做单向哈希后存储（严格来说是不可逆的哈希，而非可解密的加密）
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-purple-